Congress Just Voted to Allow Internet Providers to Sell Your Browsing History

In Brief

The House of Representatives passed a resolution yesterday that rolls back previously approved FCC internet privacy rules. The Senate approved the resolution last week, and the Trump administration has already said the president will sign it into effect.

Protecting Privacy

In a 215-205 vote yesterday, March 28, members of the United States House of Representatives decided to pass a Congressional Review Act (CRA) that overturns an internet privacy regulation yet to take effect. A similar CRA was passed by the Senate last week, and the White House has confirmed in a statement that President Donald Trump will sign the regulation rollback.

The repealed regulation was put in place by the Federal Communications Commission (FCC) in October 2016 under the Obama Administration. It set privacy requirements that internet service providers (ISPs) would need to follow before they could share or sell their consumers’ private and sensitive data, such as their financial or health information or browsing history. The regulation would prohibit ISPs like AT&T, Verizon, and Comcast from sharing that data without getting explicit content from consumers via an “opt-in” agreement.

By nature of their services, ISPs have access to a huge amount of information on their subscribers. In the predominantly ad-supported business model followed by the internet, the ability to leverage this information can be financially crucial. ISPs have protested that the FCC regulation would have put them at a disadvantage compared to Google and Facebook, as both follow the less-stringent privacy rules of the Federal Trade Commission (FTC).

An Attack on Net Neutrality?

FCC Chairman Ajit Pai agrees with the argument put forward by the ISPs, pointing out the difference in policies between the FCC and the FTC. In a written statement, Pai said that “[his] view is that there should be a comprehensive and consistent framework for protecting digital privacy. There should not be one standard for internet service providers and another for other online companies.”

Jules Polonetsky, a privacy expert and CEO of the Future of Privacy Forum, said in an interview with NPR that the FTC “has generally been the lead privacy enforcer, and I think has been very aggressive at doing so.” He went on to add, “At the end of the day, the willingness of the FCC and the FTC to use their authority effectively is what will determine whether the consumers are protected. The FCC (has in the past) used even its high-level authority very aggressively, and the FTC certainly historically has.”

On the other side of the issue, privacy advocates in both houses of Congress saw Tuesday’s results as the first step in an attack against the FCC’s net neutrality rules. Anna Eshoo, a Democratic representative from California, said that yesterday’s CRA would leave “a gaping hole in federal privacy protections.” Meanwhile, during a Senate oversight hearing discussing the CRA, Senator Ed Markey said, “The big broadband barons and their allies are firing their opening salvo in the war on net neutrality, and they want broadband privacy protections to be their first victim.”

Advocacy groups and private individuals have been urging Congress “not to bow to industry pressure and [save broadband privacy].” Prior to Tuesday’s decision, 90,000 petitions had been sent to elected officials from organizations like the ACLU, Free Press, and Demand Progress, but unless President Trump decides not to sign the resolution, your internet information will soon be at the mercy of the ISPs.